The Awingu 5.2.4 maintenance release is now available!

AWINGU GOES
ABOVE AND BEYOND RDP

RDP (Remote Desktop Protocol) is omnipresent in different forms these days. It has been around since 1998, and today it can be leveraged to access clients and servers remotely. For the end-user, that typically involves installing and using an RDP client on their end-point (a laptop, tablet, et cetera). Today, most technologies that enable remote access into Microsoft Windows-based clients and servers rely on this foundation.

Awingu’s HTML5 gateway translates the RDP (and xRDP) streams into HTML5, making them available via the browser on any device, anywhere without the need for RDP agents on these devices. And it goes even further, by adding Zero Trust security, aggregation and collaboration.
DOWNLOAD RDP WHITEPAPER

HOW DOES AWINGU ADD LAYERS ON TOP OF RDP/S?

Increased security

Let’s be honest – security is one of RDP/S’s main challenges. Awingu has extensively researched the use of RDP, and a 2019 study found in 360,000 RDP ports to be open and available for hacking in 6 European countries. But not only are a lot of environments vulnerable as per their setup, the protocol itself has been prey to many vulnerabilities. Using RDP and RDS securely implies a continuous effort and investment in additional tooling.

Below, you can find a wide variety of out-of-the-box security capabilities that come with Awingu. Hover for more information!
HTML5 access instead of a vulnerable RDP client RDP is known to have numerous exploits, especially when running older and unpatched versions. HTML5 minimizes the ‘threat vector’ specific to RDP (e.g., Bluekeep, NotPetya).
Protocol switch A Protocol switch is enforced as Awingu translates RDP into HTML5 and avoids using an End-2-End direct connection; (making singled (zero day) exploits impossible cross-network)
Multi-factor authentication Awingu comes with a built-in MFA solution and can (if necessary) easily integrate your current method of authentication. By adding MFA, you minimize the risk for “brute force attacks”. The Awingu built-in MFA supports the use of One-Time tokens (HOTP) and Time-Based tokens (TOTP). Awingu also integrates DUO Security, Azure MFA, SMS Passcode or Radius based services.
Encryption over HTTPS Between the end-user (browser) and the Awingu virtual appliance, Awingu favours and enables encryption over HTTPS. Awingu allows the use of own SSL certificates (or SSL Proxy). Furthermore, Awingu has a built-in integration with Let’s Encrypt, which automatically generates a unique SSL Certificate and takes care of its renewal.
Port 443 only When set up correctly, Awingu only requires port 443 to be available for end-user clients.
Extensive usage audit Awingu comes built-in with an extensive usage log. The usage audit tracks what application session users open (or close) and when and where (from what IP address) they do that. It also tracks what files are opened, deleted, shared, etc. The audit log is available via the Awingu dashboard (admin) and custom reports can be extracted.
Anomaly detection Get informed about irregularities in your environment, such as someone who logs in too often with a wrong password or someone trying to log in from abroad. This information is available via the Awingu dashboard (admin only).
Granular usage controls Specific rights can be allocated for every user (group); e.g. preventing the use of the virtual printer (i.e. no printing at home), preventing downloading (or uploading) of files to and from the local desktop, preventing Awingu application session sharing, preventing Awingu file sharing, etc.
Session recording Awingu can enable auto-recording of set applications or users (note: excluded for Awingu Reverse Proxy sessions). The end-user will get a warning of the recording prior to starting his Awingu application/desktop and will need to ‘accept’.
Context-awareness Awingu enables to define geolocations and/or IP addresses as safe zones per user (group). Within those safety zones, users can access all applications and file shares. Outside of the safety zone (e.g., in a foreign country), users will either be pushed to authenticate with MFA or just not be able to get access. You can image setup of context awareness for share drives with sensitive data and applications like email clients and ERPs. Awingu recommends, in all cases, is to always use MFA.
Reducing the risk of using old RDP/S versions Given the RDS environments are not leveraged towards the outside (only HTML5), the risk of running old unpatched or even not supported backend services is reduced (let’s be clear, this should not be best-practice, but in can be a good aid in some cases).

Time saver for the IT admin

  • Awingu is an all-in-one solution, meaning that all features are part of the same solution and can easily be enabled or disabled.
  • Awingu acts as a gateway leveraging standard protocols, making installation and rollout easy and fast (in some cases it can be done in a matter of hours) and making upgrade management easy.
  • Finally, end-user support is made easy: with no clients that can breakdown on the end-point also come a lot less support tickets. When tickets do come, support engineers can easily take over the end-user session or check the audit logs.

Increased mobility & cross-device usage

Awingu renders apps and desktops in HTML5 in the browser. As such, users take whatever device to get work done. This can be a tablet (e.g., Apple iPad), a Google Chromebook or a Windows laptop. Even a Tesla or connected fridge will do the trick.

By default, Awingu does not limit access to one or another device. If this is desirable, then partner solutions are available – such as the Blackberry Digital Workspace or OpsWat MetaAccess.

Optimized for service providers and ISVs

For Service Providers (M/CSPs) and ISVs, Awingu comes packed with a whole set of specific capabilities that elevate the pure RDS capabilities. This is particularly of interest for those that already have an RDS-based platform in place. By design, Awingu is multi-tenant, has an open API, enables direct links & aggregation and is completely brandable.

Everything in the browser behind one login

Often, users don’t just rely on RDS enabled applications. They also need access to SaaS services and other web services as well as file servers. With Awingu, you can aggregate all those components together in one single ‘unified’ workspace that can be accessed from one single login. Furthermore, Awingu has extensive Single Sign-On (SSO) capabilities.

“You can enable RDP via VPN, but that’s hardly secure enough. Furthermore, there are Citrix products – but those come with a lot of overhead, are harder to use and turn out to be a lot more costly for our clients. Keeping those things – security, cost and ease-of-use – in mind, Awingu turned out to be the best option.”

Jente Vandijck (Solutions Architect, VanRoey.be) Tweet

CHECK OUT OUR BLOG POSTS

Awingu study reveals security threats in over 360.000 companies across 6 European countries

As a follow-up of our 2018 open Remote Desktop Protocol (RDP) endpoint studies, Awingu research in 2020 found over 360.000 companies and government organizations in Germany, the UK, Italy, the Netherlands, Belgium and Sweden to have an open access into their network that is unprotected and available over the ‘regular’ internet via RDP.

Furthermore, we also found a specific peak (up to 40.000 vulnerable RDP environments) on the public cloud of Microsoft Azure Amsterdam. Even inexperienced hackers can easily navigate their way into these unprotected environments by, for example, using databases of stolen logins or by using one of the many known RDP exploits. Therefore, we urge these companies to add an extra layer of security to their environment ASAP.

Demystifying RDP - Part 1: Understanding RDP, VDI & RDS

When Windows XP was released back in 2001, it also baked RDP (Remote Desktop Protocol) into the Windows client OS. RDP is a proprietary protocol from Microsoft and basically provides users with a graphical interface to connect to another computer over a network. In essence, the protocol helps in the setup of ‘Server Based Computing’. It helps “clients” connect to “servers” – and in the context of RDP those servers will run operating systems (e.g., Microsoft Windows) or applications (e.g., Sage BOB50, Microsoft Navision, etc.).

Since then, the RDP technology has evolved rapidly. Truth be told, it’s become a complex picture which only a few people really master. In, this blog post, we’ll try to bring some structure into the picture, the different options, the different elements, the high-level benefits, and the downsides. We’ll also explain how Awingu adds benefits on top of RDP and the different ways to deploy it.

Demystifying RDP - Part 2: Understanding Microsoft’s VDI & RDS Licensing

In this blog post, we’ll try to put some structure in RDS and VDI licensing and explain some of the main concepts and options.

When we talk with partners and customers, we are frequently confronted with questions about Microsoft RDS & VDI licensing. ”How much does it cost?” is one that we hear often, and that is… pretty complex matter, to say the least. Firstly, because the technology and architecture basis below RDS and VDI is complex, and secondly because the rules of the game have evolved over time. The matrix of possibilities is vast! In short, when buying RDP related licenses, make sure that you have a good advisor or that you work your way through Microsoft Product terms.

HOW DOES AWINGU WORK?

Awingu is a secure virtual appliance that can be deployed in your infrastructure of choice. It connects via standard protocols such as RDP, CIFS and LDAP into backend applications, desktops and file servers and renders these services into HTML5 via its proprietary RDP gateway. As such, users can securely access services that reside in other networks via their browser. Unlike a VPN or traditional VDI, nothing needs to be installed on the end-user device, making the roll-out smooth and complex less.

Secure by design with many capabilities built-in (SSL, MFA, Auditing,..)

Easy and fast to deploy

Runs with what you have in place today in terms of apps, cloud or endpoint. No drastic changes needed.

Don't take our word for it, check out our reference customers!
As trusted by our technology partners!
Plan a meeting with our expert team.

GET IN TOUCH!

Do you have any more questions about Awingu? Reach out to our Awingurus!

Luigi small
🇮🇹 🇵🇹
Luigi
Jacqueline
🇪🇸
Jacqueline
tasneem vSquare_small
🌎
Tasneem
This website uses cookies. Read our transparent cookie policy!